Biometric Device Pairing

ABSTRACT

A first electronic device is associated with a biometric sensor. Biometric data received by the biometric sensor is used to permit the first electronic device to pair with, unlock, and/or access a second electronic device.

CROSS-REFERENCE TO RELATED APPLICATION

This application claims the benefit under 35 U.S.C. §119(e) of U.S. Provisional Patent Application No. 62/057,709, filed Sep. 30, 2014, entitled “Biometric Device Pairing,” the entirety of which is incorporated herein by reference as if fully disclosed herein.

FIELD

Embodiments disclosed herein relate to biometric data which may be used to authenticate and identify users of various electronic devices and, more particularly, to various biometric data which may be communicated from a first secure electronic device to a second secure electronic device in order to allow an identified user to access the second secure electronic device.

BACKGROUND

Biometric identification or authentication may be used in computers and other electronic devices as a form of identification and access control. Biometric identifiers are distinctive, measurable physiological characteristics related to the configuration or characteristics of the body that can be used to identify individuals. Example biometric identifiers include, but are not limited to, a fingerprint, face recognition, DNA, a palm print, hand geometry, iris recognition, retina recognition, and scent. A biometric system may perform an identification comparison against a biometric database in an attempt to establish the identity of an individual. The system will identify the individual by comparing a biometric sample such as a fingerprint to stored fingerprint samples in the database. Biometrics may be used in place of, or in conjunction with, other methods of personal recognition such as passwords, PINs or keys.

Fingerprint recognition features may be available on some portable electronic devices, such as smartphones, thereby allowing users to unlock their phone, as well as to make purchases by using fingerprints stored on their device. The use of biometrics may supplement or displace the use of a password to access a portable electronic device. A biometric sensor may, for example, be built into the home or start button of a smartphone (or any other input device or region) to sense or detect a user's fingerprint and grant or deny access based on that fingerprint.

SUMMARY

Disclosed embodiments use biometric device pairing to allow biometric identification-equipped devices to be used for pairing with other electronic devices and/or for secure access to the other electronic devices, including non-biometric authentication enabled devices. The biometric identification-equipped device (or simply, “biometric equipped device,” “biometric enabled device” or “biometric device”) may establish a secure connection with a second, different device. The connection is based at least in part on the acquisition and verification of biometric data. Thereafter, the biometric device may access the second device to retrieve data, configure the second device, transmit data, or otherwise interact.

In certain embodiments, a one-time initialization process exchanges credentials between the biometric equipped devices and the non-equipped devices. Once the credentials are exchanged between the devices, the biometric enabled device establishes a secure channel from the credentialed device. The biometric enabled device receives a user's biometric data, verifies the biometric data, and sends a message or signal to the non-enabled device to unlock that device. A password or other authorization is thus not needed to access the non-enabled device and the user may thus access that device securely and conveniently after authentication by the biometric enabled device. The non-enabled device may or may not include biometrics in some embodiments. That is, both the first and subsequent device(s) may be biometrically enabled in some embodiments.

In one embodiment, the biometric enabled device is a smartphone with a fingerprint sensor to permit a user to unlock the smartphone and, in turn, unlock one or more other devices such as a laptop computer which may or may not be biometric enabled. Because accessing one electronic device of a user allows access to one or more other electronic devices of the user without password or other entry protocol, this system is more convenient, is easier for a user, and contributes to the overall user satisfaction. The biometric pairing system thus allows accessibility to multiple devices with one security verification between the various devices.

In one aspect, an electronic device includes a first biometric sensor and a processing device operably connected to the first biometric sensor. The processing device may be configured to receive biometric data from the first biometric sensor and determine if the biometric data matches a biometric template. At least one transmitter device is operably connected to the processing device. The at least one transmitter device is operative to pair the electronic device to a second electronic device across a network and to transmit an authorization message to the second electronic device based on a match between the biometric data and the biometric template. The authorization message permits the electronic device to automatically access the second electronic device.

In another aspect, a method for a controller device to pair with an accessory device includes receiving, by the controller device, biometric data associated with a user of the controller device and establishing a secure connection between the controller device and the accessory device. The controller device can generate an asymmetric key pair based on the biometric data to produce a first public key. The controller device and the accessory device may then exchange public keys. The controller device transmits the first public key to the accessory device, and receives a second public key associated with the accessory device.

In yet another aspect, a method for a controller device to access information on an accessory device paired with the controller device can include a controller device receiving first biometric data and generating an authorization message based on a match between the first biometric data and a first biometric template. The authorization message is then communicated from the controller device to the accessory electronic device. The accessory device may be unlocked based on the authorization message. Based on the authorization message, the controller device can access the information on the accessory device.

BRIEF DESCRIPTION OF THE DRAWINGS

The disclosure will be readily understood by the following detailed description in conjunction with the accompanying drawings, wherein like reference numerals designate like structural elements, and in which:

FIG. 1 is a front view of an electronic device;

FIG. 2 is a schematic illustrating an example biometric sensing system;

FIG. 3 shows a biometric enabled electronic device accessing a second electronic device;

FIG. 4 is a flowchart showing example operations for pairing two electronic devices;

FIG. 5 is a flowchart showing example operations for authorizing a user after the electronic devices have been paired;

FIG. 6 is a flowchart illustrating initial example operations for pairing two electronic devices;

FIG. 7 is a flowchart including additional example operations for establishing a secure channel between controller and accessory devices;

FIG. 8 is a flowchart further illustrating an example pairing process;

FIG. 9 is a flowchart illustrating example operations in the pairing process;

FIG. 10 is a flowchart of example initial operations in the process of authorizing an operation on an accessory device; and

FIG. 11 is a flowchart illustrating example final operations in the process of authorizing an operation on an accessory device.

DETAILED DESCRIPTION

The present disclosure recognizes that personal information data, including biometric data, in the present technology, can be used to the benefit of users. For example, the use of biometric authentication data can be used for convenient access to device features without the use of passwords. In other examples, user biometric data is collected for providing users with feedback about their health or fitness levels. Further, other uses for personal information data, including biometric data that benefit the user are also contemplated by the present disclosure.

The present disclosure further contemplates that the entities responsible for the collection, analysis, disclosure, transfer, storage, or other use of such personal information data will comply with well-established privacy policies and/or privacy practices. In particular, such entities should implement and consistently use privacy policies and practices that are generally recognized as meeting or exceeding industry or governmental requirements for maintaining personal information data private and secure, including the use of data encryption and security methods that meets or exceeds industry or government standards. For example, personal information from users should be collected for legitimate and reasonable uses of the entity and not shared or sold outside of those legitimate uses. Further, such collection should occur only after receiving the informed consent of the users. Additionally, such entities would take any needed steps for safeguarding and securing access to such personal information data and ensuring that others with access to the personal information data adhere to their privacy policies and procedures. Further, such entities can subject themselves to evaluation by third parties to certify their adherence to widely accepted privacy policies and practices.

Despite the foregoing, the present disclosure also contemplates embodiments in which users selectively block the use of, or access to, personal information data, including biometric data. That is, the present disclosure contemplates that hardware and/or software elements can be provided to prevent or block access to such personal information data. For example, in the case of biometric authentication methods, the present technology can be configured to allow users to optionally bypass biometric authentication steps by providing secure information such as passwords, personal identification numbers (PINS), touch gestures, or other authentication methods, alone or in combination, known to those of skill in the art. In another example, users can select to remove, disable, or restrict access to certain health-related applications collecting users' personal health or fitness data.

Reference will now be made in detail to representative embodiments illustrated in the accompanying drawings and in particular with reference to FIGS. 1-11. It should be understood that the following descriptions are not intended to limit the embodiments to one preferred embodiment. To the contrary, it is intended to cover alternatives, modifications, and equivalents as can be included within the spirit and scope of the described embodiments as defined by the appended claims. Those skilled in the art will readily appreciate that the detailed description given herein with respect to these figures is for explanatory purposes only and should not be construed as limiting. Like reference numerals denote like structure throughout each of the various figures.

Pairing is a process used in computer networking to set up an initial link between computing devices in order to allow communications between them. In some embodiments, user authentication (e.g., authentication of user based on biometric data) on one device may be communicated wirelessly to another device to allow that user to access the second device without entering a password or other authentication indicia.

Generally, embodiments described herein may pair two or more devices such that a person possessing one of the devices (a “controller device”) may access data, applications, and the like from the other devices after authorization (e.g., authentication of user based on biometric data) of the controller device is complete. The authorization may be performed wirelessly in many cases, and may last for a set period of time or until some condition is reached. As one non-limiting example, authorization may last until a network or other wireless connection between the paired devices is lost. This may permit a person having the controller device on his or her person, or nearby, to physically access other devices without forcing that person to enter security credentials. As another option, this may allow a person to access data from paired devices remotely through the controller device.

Generally, the authorization may occur across a secure, encrypted communication channel. As part of the authorization, the controller device may transmit an acknowledgement or indication that a user or other person associated with the controller device has provided biometric data to the controller device, and that the controller device has recognized the person based on the biometric data. Thus, the controller device may serve as a gateway for a user to access the other devices; in such embodiments it is not necessary that all devices have the capability or physical structure to access, receive or interpret biometric data. Nonetheless, the security associated with biometric data acquisition and recognition may be extended to all paired devices insofar as they may rely on the controller device to gather biometric data and recognize an authorized, enrolled person from such data.

In some embodiments, a low power transmitter device communicates with the controller device and the paired device(s). The low power transmitter device can utilize a wireless personal area network radio wavelength communication technology designed to be used over short distances from fixed and mobile devices. The low power transmitter device can be used to identify device locations in indoor venues where global positioning system (GPS) technologies are not as effective due to interference with overhead satellite communications by the structures defining the indoor venues. The low power transmitter device may also be used to provide communications between the electronic devices over these same, relatively short, distances.

In the disclosed embodiments, the biometric data is described as fingerprint data or a fingerprint(s). However, in some embodiments the biometric data can be other types of biometric data and/or data that is derived from (or based on) the biometric data. Example biometric data includes, but is not limited to, a user's voice, a palm print, veins, face, iris, and/or retina. Additionally or alternatively, the data that is derived from, or based on, a user's biometric data can include a histogram, a numerical score, a code, a key, a message, and so on.

Referring to FIG. 1, a portable electronic device 11 is shown, in the form of a smartphone. A user's finger 12 is placed on an input element 13 to unlock and provide convenient and secure access to the electronic device 11. The input element 13 includes a biometric sensor positioned below, or as a part of, the input element 13. In some embodiments, the input element 13 is a button, while in others it may be a portion of a display 15, a switch, a region below an ink mask or otherwise inoperative to display data, a portion of a housing, and so on. A fingerprint 14 is sensed by the biometric sensor and may be shown on the display 15 of the electronic device 11, or an image corresponding to the fingerprint (or portions of the fingerprint) may be displayed. For example, a synthetic fingerprint may be displayed in lieu of the actual fingerprint. The fingerprint 14 may be used to access or unlock the electronic device 11 and to permit a user to make purchases or effectuate other secure transactions on the electronic device 11. The electronic device 11 may also allow a user to enroll multiple fingerprints from other individuals known to, and trusted by, the user.

Because this biometric access feature provides convenient and secure access to a device, a portable electronic device may also include capability to allow a user to utilize the same access to certain other of the user's electronic devices such as a laptop computer, a tablet computer, a wearable computing device (e.g., smart watch or health assistant), or another portable electronic device which may or may not be biometric access enabled.

Referring to FIG. 2, one example of a biometric sensing system is shown as a block diagram, although it should be appreciated that this is only one example and many other systems and implementations may exist. In one embodiment, all of the illustrated components are included in the electronic device 11. In another embodiment, some of the illustrated components are included in the electronic device 11. For example, the low power transmitter device 91 may be a low power transceiver that is separate from the electronic device 11 and communicably coupled to the electronic device 11.

A biometric sensor 10 is the interface between the biometric sensing system and a user's biometric data. As described earlier, the biometric sensor 10 can be placed on, in, or below the input element 13 of the electronic device 11. In some embodiments, the biometric sensor 10 may be located in portions of the electronic device 11 other than adjacent to input element 13.

The biometric sensor 10 acquires biometric data such as, for example, a fingerprint 14 of a user. While the illustrated biometric sensor 10 is generally an image acquisition system, in other embodiments the biometric sensor can be a voiceprint recognition device, a finger length sensor, a retinal scanner, or other biometric sensor according to the desired user characteristics to be sensed. For example, in some embodiments, the biometric sensor 10 can be a microphone on the electronic device 11 which may identify a voiceprint of a user to be used for biometric access.

Pre-processing of the sensed biometric data may be accomplished by a pre-processing component 17, which may be operative to do one or more of: remove artifacts from the sensed image; enhance the image (for example by removing background noise); and normalize the image data. Data is then transmitted to feature extractor 18, which may identify certain features of the captured image, such as the whorls and lines in a fingerprint.

In some embodiments, a vector of numbers or an image with particular properties representing identifying features is used to create a template in a template generator 19. A template is a synthesis of the relevant identifying characteristics and is extracted from source images or other biometric data. Elements of the biometric measurement that are not used in the comparison algorithm typically are discarded in the template to reduce the data requirements. In the enrollment process, for a first time user, the template generated in the template generator 19 may be stored in a storage device 21 for future use to allow that user to become a permitted user and access the electronic device 11.

In the verification or test process, the biometric data (e.g., fingerprint) sensed by the biometric sensor 10 is compared against stored templates in the storage device 21 and a matching identity determined by comparative matching device 22 is sent to the electronic device 11 to verify the identity of the user. In some embodiments, multiple biometric templates may be enrolled and stored in the storage device 21. The storage device 21 can be configured as one or more memories, including, but not limited to, RAM, ROM, flash memory, and removable memory, or combinations thereof. The multiple biometric templates may be from the primary user or they may be from one or more individuals approved by the primary user to allow more than one user to be verified as an approved user and granted access to the electronic device 11. The user thus controls who may access the electronic device 11.

Although particular operations have been discussed and described for enrollment, template generation, testing and authorization, it should be appreciated that many other methods and systems for each such operation exist. Accordingly, the foregoing is intended to provide only one example of various biometric enrollment/sensing operations and is not intended to limit embodiments described herein.

The electronic device 11 may include a number of other electronic components, such as a processor 89 operative to generally control certain operations of the electronic device. Although not shown in FIG. 2, the processor 89 can be operably connected to one or more of the components in the electronic device, such as the biometric sensor 10, the pre-processing component 17, the feature extractor 18, the template generator 19, the storage device 21, the comparative matching device 22, a first transmitter device 90, and a second transmitter device 91. In some embodiments, the operations of the pre-processing component 17, the feature extractor 18, the template generator 19, and/or the comparative matching device 22 can be performed by the processor 89. The processor 89 can be implemented with one or more suitable data processing devices, examples of which include a microprocessor, an application-specific integrated circuit (ASIC), and a central processing unit (CPU).

The first transmitter device 90 is operative to communicate wired or wirelessly with other devices. The first transmitter device 90 can send and receive data and communications to and from the other devices. Example transmitters include, but are not limited to, Wi-Fi, Bluetooth®, and near field communication. The second transmitter device 91 may be a low power transmitter device that is operative to transmit and receive data and communications (wired or wirelessly) associated with the biometric sensor 10 to other devices, thereby permitting the electronic device to access other electronic devices. Data transmission, wireless and/or wired communication, and other functions of the electronic device will be described in more detail later.

A user may choose to store multiple biometric templates in the biometric sensing system of FIG. 2. In one embodiment, a user may choose a fingerprint from an index finger as one template while a ring finger fingerprint or a thumbprint may be used as another template. A user may thus add a level of security for various applications. For example, certain information on the electronic device 11, or on another paired/authorized electronic device, may be accessible only by using a first authorized fingerprint while other information may be accessed using a second, different authorized fingerprint. A retinal scanner, a voiceprint, or other scanner may also be used as the biometric sensor. In some embodiments, various combinations of these types of sensors and/or indicia could be used to provide various levels of security.

Referring to FIG. 3, certain embodiments permit a user to access a second electronic device 24 from the first electronic device 11 equipped with a biometric identification system, one non-limiting example of which was described above with respect to FIGS. 1 and 2. Some electronic devices may not have biometric sensors and may require passwords or other security measures to access them. The first electronic device 11 may bypass such security measures by pairing with the second electronic device 24.

Alternatively, in some embodiments it may be convenient to access multiple devices from one biometric-enabled device, even if the other devices also have biometric access capability. For example, in a situation where a user has a device, such as electronic device 11, and wishes to access another device, such as electronic device 24, it may enhance or facilitate the user's operation to access the second electronic device 24 and/or information 23 contained in the second electronic device 24 (e.g., a document) without entering any additional security verification into the second electronic device 24. The user may physically access, without additional security verification, the second electronic device 24 so long as the biometric-enabled first electronic device 11 is on the user's person or near the second electronic device 24, for example.

Referring to FIG. 3, a user 25 holding the first electronic device 11 (e.g., a smartphone) may securely access the second electronic device 24 (e.g., a laptop computer) using biometric authentication. In this embodiment, the user 25 places his or her finger on or near the input element 13, which captures an image of the user's fingerprint. That image is validated (for example, as described above) and the user 25 is granted access to the first electronic device 11.

An identification or other authorization message 16 may be transmitted (wired or wirelessly) across a network to the second electronic device 24 (or any other suitable electronic device). In some embodiments, a wireless transceiver device 26 may communicatively couple the first electronic device 11 (e.g., smartphone) to the second electronic device 24 (e.g., laptop computer). Any suitable wireless transceiver device may be used. Example wireless transceiver devices include, but are not limited to, beacons, repeaters, range extenders, and relay transmitters. The wireless transceiver device can employ any suitable communication protocol, such as Bluetooth® Low Energy. In some embodiments, the wireless transceiver 26 may be the low power transmitter device 91 in FIG. 3. In other embodiments, the first and second electronic devices 11, 24 may communicate directly with one another.

Communicating the authorization message 16 from the first electronic device 11 to the second electronic device 24 generally permits the first electronic device 11 and/or its user to access the second electronic device 24 and some or all of the information 23 contained therein. It should be appreciated that certain embodiments may permit access to the second electronic device 24 only through or by the first electronic device 11. In other embodiments, the exchange of authorization messages or signals (as described in more detail below) may effectively unlock the second electronic device 24, thereby permitting access through conventional means such as the second electronic device's keyboard, mouse, or other input. The second electronic device 24 may remain unlocked or otherwise accessible as long as it is in communication with the first electronic device 11, or the second electronic device 24 may remain accessible only for a period of time after which another authorization operation may be necessary. The second electronic device 24 may further periodically look for the presence of the first electronic device 11. In some embodiments, if the first electronic device 11 is found, the time before which another authorization is requested may be extended.

For example, in some embodiments the first electronic device 11 and the second electronic device 24 can transmit data between functions, applications, operating software, and other software on one or both electronic devices after the second electronic device is unlocked based on the fingerprint. Additionally or alternatively, one electronic device (e.g., the first electronic device 11) can initiate an online purchase that is completed on the other device (e.g., the second electronic device 24). For example, an online purchase of an audio or video file can be initiated on the first electronic device 11. The payment information (e.g., credit card information) may be transmitted to the online store from the second electronic device 24 and/or the audio or video file can be downloaded to the second electronic device 24.

Similarly, one electronic device (e.g., the first electronic device 11) can initiate an operation that is completed or performed by the other device (e.g., the second electronic device 24) based on biometric data. For example, the second electronic device 24 can be used to initiate the capture of an image and the first electronic device 11 can then capture the image. Thereafter, in some embodiments the first electronic device 11 may transmit the captured image to the second electronic device 24. In another example, the first electronic device 11 can be used to initiate the sending of an email and the second electronic device 24 may then send the email.

In some embodiments, the first electronic device can utilize biometric data to pair with the second electronic device. Additionally or alternatively, the first electronic device 11 can set up or change the settings of the second electronic device. For example, based on biometric data, the first electronic device 11 can be used to change a network setting or a password on the second electronic device.

Referring again to FIG. 3, the user 25 may wish to retrieve the information 23 from the second electronic device 24. In some situations, the information 23 may contain particularly sensitive personal information of the user 25. The user 25 may thus include an additional level of security on the second electronic device 24 by designating a requirement that a certain fingerprint, for example his or her thumbprint, be required for access to the information 23 while his or her index fingerprint may be used to simply unlock the second electronic device 24. In this way, an additional layer of security may be added for sensitive information. A user could thus grant access to the second electronic device 24 to certain individuals without granting those individuals access to personal information such as information 23.

In other embodiments, various activities may be enabled by one or more stored biometric data. For example, a user may unlock the second electronic device 24 with a fingerprint while a retinal scan or other biometric data can be used to enable additional operations such as authorizing an online purchase. In other embodiments, various other actions, such as downloading information or documents online, may be enabled by a specific type of biometric data. As another example, stored biometric data could be used to enable access to remote storage of data, such as data stored in a cloud computing network.

As yet another example, accessing a user's bank account or banking online may require one or more particular types of biometric data to authorize that user and enable access. Continuing the example, sensing a user's fingerprint or other biometric data may be required to access that user's account and withdraw money from an automated teller machine. In other embodiments, enabling online purchases or use of a credit card could be authorized by sensing particular biometric data of the person on his or her portable electronic device and conveying that information to a paired device such as a vendor computer to authorize the transaction.

In order to accomplish the access and authentication activities described above with respect to FIG. 3, suitable electronic devices may first establish communication links to each other. This process is known as “pairing”. Pairing generally is a one-time operation that establishes a communication/data link between two devices; the data link may be wireless in many embodiments and may be cryptographically secured. Once devices are paired in this manner, they can be cryptographically verified on each subsequent use.

FIG. 4 is a flowchart showing example operations for pairing two electronic devices. In this embodiment, the electronic device with a biometric sensor that is used to authorize operations on another electronic device is referred to as a “controller device”. The electronic device whose operations are being authorized by the controller device (the electronic device that is accessed by the controller device) is referred to as the “accessory device”. In the example embodiment shown in FIG. 3, the controller device is the first electronic device 11 (e.g., a smartphone) and the accessory device is the second electronic device 24 (e.g., a laptop computer). While these “paired” electronic devices may be in close physical proximity in some embodiments, the electronic devices may also be remote such as a vendor computer or server in other embodiments.

Referring to FIG. 4, in operation 27, a user (e.g., user 25) enters a passcode or otherwise unlocks a controller device. The passcode or unlocking mechanism may be a biometric authorization such as a fingerprint or other biometric data as described earlier. In operation 28, the accessory device is recognized as being in a communication range through the wireless transceiver 26. In other embodiments, the controller device can recognize that the accessory device is within a communication range by itself (without the use of the wireless transceiver 26).

In operation 29, a secure connection between the controller device and the accessory device is established. Once this secure connection has been established, the controller device uses the biometric information (e.g., sensed biometric data such as a fingerprint) to generate an encryption key in operation 31. In operation 32, the controller device and the accessory device exchange public keys over the secured connection established in operation 29. The controller device and the accessory device are now paired and the process of authorizing the user to securely access the accessory device will be described below with respect to FIG. 5.

Once the controller device (e.g., first electronic device 11) and the accessory device (e.g., second electronic device 24) have been paired as described above with respect to FIG. 4, the process of authorization may begin. Referring to FIG. 5, to initiate the authorization process, the controller device must first discover the accessory device is within communication range (operation 33). As will be further described below, the accessory device transmits a request if an operation, such as access to the accessory device, includes authorization. In some embodiments, the request can be transmitted through a wireless transmitter (e.g., wireless transceiver 26) to the electronic devices within the communication range. In one embodiment, the communication range may be about two (2) meters. Once the accessory device has been “discovered” in operation 33, the verification of the public key protocol between the controller and accessory devices occurs in operation 34. The controller device then verifies the biometric information from the user of the controller device (operation 35). In one embodiment, the biometric information includes a fingerprint obtained through a biometric sensor. If the biometric information is verified, the controller device sends an authorization message (e.g., authorization 16 in FIG. 3) to the accessory device in operation 36, which is received by the accessory device in operation 37. The accessory device then authorizes the user to access the accessory device and notifies the controller device of the authorized access.

Referring to FIG. 6, the pairing process of FIG. 4 is described in more detail. Specifically, operation 28 of the pairing process shown in FIG. 4 is further described in FIG. 6. In operation 27, the user enters a passcode or otherwise unlocks the controller device. As described in conjunction with FIG. 4, the passcode or unlocking mechanism may be a biometric authorization such as a fingerprint or other biometric data.

In operation 41, the accessory device advertises its availability while the controller device scans for peripherals supporting the pairing function in operation 42. In some embodiments, the controller device discovers the accessory device through a wireless communications device (e.g., wireless transceiver device 26) using Bluetooth® Low Energy or another protocol. In operation 43, the controller device displays the electronic devices (including the accessory device) located within a predetermined distance. In one embodiment, the predetermined distance is a communication range, which can be approximately 2 meters.

Referring to FIG. 7, after the accessory device is “discovered” through the operations described in FIG. 6, a secure connection is established between the controller device and the accessory device (operation 29 of FIG. 4). In one embodiment, the secure connection can be created as follows. In operation 44, the controller device sends a start request to the accessory device. The start request can include a secure remote password and a personal identification number (PIN). In operation 45, the accessory device generates a random PIN and presents it to the user on the accessory device. In operation 46, the accessory device sends a response to the start request of operation 44. In operation 47, the controller device then prompts the user to enter the PIN from operation 45. In operation 48, the controller device sends a secure remote password verify request to the accessory device with proof of the PIN. In operation 49, the accessory device verifies the proof of the PIN from operation 48 and responds with another secure remote password to verify the proof of PIN. In operation 51, the controller device verifies the proof of PIN from operation 49. Thereafter, the secure connection between the accessory device and the controller device is established.

Referring to FIG. 8, operation 31 of the pairing process shown in FIG. 4 is described in greater detail. In operation 52, the controller device registers for notification of biometric identification. In operation 53, the controller device prompts the user to perform a biometric scan which, in the embodiments described in FIGS. 1-3, is to touch the user's finger to the input element 13 (positioned above biometric sensor 10). In operation 54, the controller device waits for notification of a successful biometric identification. In one embodiment, the controller device waits for notification from the comparative matching device 22 in FIG. 2. The notification may be sent by the transmitter device 90 and/or the low power transmitter device 91.

If the identification is successful in operation 54, then a processor (e.g., processor 89) generates an asymmetric key pair and returns a public key to the controller device (operation 55). In one embodiment, the processor is a secure enclave processor, which is a tamper-resistant processor capable of securely hosting code and data. If the biometric identification of operation 55 is not successful, the pairing of the accessory and controller devices does not occur and the process is terminated (operation 56).

The final operation in the example pairing process of FIG. 4 is to have the accessory device and the controller device exchange public keys over a secure channel to establish the pairing of the devices (operation 32 in FIG. 4). Referring to FIG. 9, operation 32 is accomplished in some embodiments by first having each electronic device (e.g., the controller and accessory devices) derive a symmetric key from a secure remote password protocol shared secret key (operation 57). In operation 58, each electronic device encrypts a public key and generates an authorization tag with a symmetric cipher. In operation 59, the encrypted public key and the authorization tag are exchanged between the controller device and the accessory device (the devices which are to be paired). In operation 61, the accessory device and the controller device each receives the encrypted public key and authorization tag from the other electronic device. In operation 62, the authorization tag is verified and the encrypted public key from the other electronic device is decrypted. In operation 63, each electronic device stores the other device's public key in order to complete the pairing of the controller and accessory devices. After completion of these operations, the controller and accessory devices are paired.

Once the controller and accessory devices have been paired, the controller device may be used to authorize operations on the accessory device. Referring to FIG. 10, operations 33 and 34 of FIG. 5 are described in greater detail. The process to authorize an operation on the accessory device begins with the controller device discovering the accessory device using Bluetooth® or other wireless network. In some embodiments, a Bluetooth® Low Energy (BTLE) wireless network may be used. In operation 64, the accessory device advertises if an operation to be performed on it (such as user log in) needs authorization. At operation 65, the controller device scans for paired devices supporting the biometric authorization. In order for the successful communication and completion of the authorization function, the accessory device must be within a communication range of the controller device, which can be approximately 2 meters in one embodiment. If the controller and accessory devices are not within the communication range, the controller device ignores the accessory device because the accessory device is beyond the predetermined distance or communication range.

Referring again to FIG. 10, the verification operation 34 is described in more detail. The station to station pair verification process proceeds in operation 66 with the controller device sending a verify start request including a public key. In one embodiment, the verify start request may include an Elliptic Curve Diffie-Hellman (ECDH) key agreement protocol public key and a long-term public key (LTPK). The accessory device receives the request at operation 67 and searches for the public key of the controller device. The accessory device rejects the request if the public key of the controller device is not found.

If the public key of the controller device is found, the accessory device uses its secret key and the controller device's public key to generate a shared secret key in operation 68. At operation 69, the accessory device uses its long term secret key to sign the concatenation of its public key and the public key of the controller device.

The authorization process continues at operation 71 with the accessory device deriving a symmetric key from the shared secret key and encrypting a signature of the shared public keys. The accessory device then responds with its keys and encrypted signature at operation 72.

At operation 73, the controller device receives the response from operation 72, and at operation 74 searches for the public key of the accessory device and rejects it if not found after searching. In operation 75, the controller device uses its secret key and an ECDH public key to generate a shared secret key which may, in one embodiment, be an ECDH key. The controller device decrypts the signature from operation 72 and verifies the signature using the public key of the accessory device (operation 76).

The next operation in the authorization process is to have the controller device sign data using its long term secret key and biometric authorization. This process begins with the controller device verifying biometric data from the user in operation 35 (FIG. 5). Referring to FIG. 11, the controller device registers for notification of biometric identification in operation 77. The controller device indicates to the user that biometric identification is needed in operation 78 and then waits for a successful biometric identification in operation 79. The processor (e.g., a secure enclave processor) is then asked to sign the concatenation of keys in operation 81.

The next operation in the authorization process is verification to the accessory device (operation 37 in FIG. 5). The final phase of the station to station protocol for verification of the device pairing begins at operation 82 as the controller device encrypts its signature. At operation 83, the controller device sends a verify finish request with its encrypted signature to the accessory device, which is received by the accessory device at operation 84. At operation 84, the accessory device decrypts the signature and verifies that it was signed by the public key of the controller device.

The final step in the authorization process (operation 38 in FIG. 5) begins at operation 85 as the controller device builds an authorization message, encrypts the authorization message, and generates an authorization tag. At operation 86, the controller device sends the encrypted authorization message and authorization tag to the accessory device. The accessory device receives the authorization message, verifies the authorization tag and decrypts the authorization message at operation 87. The biometric authorization is completed at operation 88 when the accessory device performs the authorization and sends a response indicating success or failure of the process.

Various encryption algorithms may be used in various embodiments disclosed herein. For example, for Elliptic-Curve Diffie-Hellman (ECDH encryption), the algorithm may be Curve25519. For signature generation and verification, the algorithm Ed25519 may be used. For hashing, the SHA-512 algorithm may be used. For key derivation, the HKDF-SHA-512 algorithm may be used. The encryption algorithm is preferably ChaCha20 and for message authentication, the Poly1305 algorithm may be used. Of course, other encryption algorithms may be used for any of these functions without departing from the scope of the disclosed embodiments.
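The verification exchange of FIGS. 10-11 (operations 66 to 84), sketched in Node.js with the algorithms named above, is given here as an added example and is not code from this application. The `seal`/`unseal` helpers follow the same encrypt-and-tag pattern that FIG. 9 (operations 58 to 62) applies to the public keys. The class and function names, the DER wire format, the HKDF salt and info strings, the fixed nonces, and the boolean standing in for the biometric match are all assumptions.

```javascript
// Added illustration; every identifier below is hypothetical.
const nodeCrypto = require('crypto');

const der = (key) => key.export({ type: 'spki', format: 'der' }); // wire format (assumption)
const pub = (buf) => nodeCrypto.createPublicKey({ key: buf, format: 'der', type: 'spki' });

// HKDF-SHA-512 over the ECDH shared secret; salt and info strings are assumptions.
const deriveKey = (secret) => Buffer.from(
  nodeCrypto.hkdfSync('sha512', secret, Buffer.from('verify-salt'), Buffer.from('verify-info'), 32));

// ChaCha20-Poly1305: returns ciphertext followed by the 16-byte tag.
function seal(key, nonce, plaintext) {
  const c = nodeCrypto.createCipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  return Buffer.concat([c.update(plaintext), c.final(), c.getAuthTag()]);
}

function unseal(key, nonce, sealed) {
  const d = nodeCrypto.createDecipheriv('chacha20-poly1305', key, nonce, { authTagLength: 16 });
  d.setAuthTag(sealed.subarray(sealed.length - 16));
  // final() throws if the tag does not verify, so tampered data never reaches the caller.
  return Buffer.concat([d.update(sealed.subarray(0, sealed.length - 16)), d.final()]);
}

// The session key is fresh per exchange, so one fixed nonce per direction is never reused.
const NONCE_ACCESSORY = Buffer.alloc(12, 1);
const NONCE_CONTROLLER = Buffer.alloc(12, 2);

class Device {
  constructor() {
    this.longTerm = nodeCrypto.generateKeyPairSync('ed25519'); // LTPK and long-term secret key
    this.pairedKeys = new Set();                                // LTPKs stored at pairing (operation 63)
  }
  ltpk() { return der(this.longTerm.publicKey); }
  knows(ltpkDer) { return this.pairedKeys.has(ltpkDer.toString('hex')); }
  static pair(a, b) { // stand-in for the outcome of the FIG. 4 pairing process
    a.pairedKeys.add(b.ltpk().toString('hex'));
    b.pairedKeys.add(a.ltpk().toString('hex'));
  }
}

// Runs operations 66-84 in one process; biometricOk stands in for the sensor match result.
function verifyExchange(controller, accessory, biometricOk) {
  // Operation 66: controller sends an ephemeral ECDH public key plus its LTPK.
  const cEph = nodeCrypto.generateKeyPairSync('x25519');
  const start = { ecdh: der(cEph.publicKey), ltpk: controller.ltpk() };

  // Operations 67-72: accessory looks up the LTPK, agrees on a key, signs both ECDH keys.
  if (!accessory.knows(start.ltpk)) return 'rejected: controller not paired';
  const aEph = nodeCrypto.generateKeyPairSync('x25519');
  const aPub = der(aEph.publicKey);
  const aKey = deriveKey(nodeCrypto.diffieHellman({ privateKey: aEph.privateKey, publicKey: pub(start.ecdh) }));
  const aSig = nodeCrypto.sign(null, Buffer.concat([aPub, start.ecdh]), accessory.longTerm.privateKey);
  const response = { ecdh: aPub, ltpk: accessory.ltpk(), sealedSig: seal(aKey, NONCE_ACCESSORY, aSig) };

  // Operations 73-76: controller repeats the lookup, derives the same key, checks the signature.
  if (!controller.knows(response.ltpk)) return 'rejected: accessory not paired';
  const cKey = deriveKey(nodeCrypto.diffieHellman({ privateKey: cEph.privateKey, publicKey: pub(response.ecdh) }));
  const sigFromAccessory = unseal(cKey, NONCE_ACCESSORY, response.sealedSig);
  if (!nodeCrypto.verify(null, Buffer.concat([response.ecdh, start.ecdh]), pub(response.ltpk), sigFromAccessory)) {
    return 'rejected: bad accessory signature';
  }

  // Operations 77-81: the long-term key signs only after a successful biometric match.
  // The order of the concatenated keys on the controller side is an assumption.
  if (!biometricOk) return 'rejected: biometric match failed';
  const cSig = nodeCrypto.sign(null, Buffer.concat([start.ecdh, response.ecdh]), controller.longTerm.privateKey);

  // Operations 82-84: controller sends its encrypted signature; accessory decrypts and verifies.
  const finish = seal(cKey, NONCE_CONTROLLER, cSig);
  const sigFromController = unseal(aKey, NONCE_CONTROLLER, finish);
  return nodeCrypto.verify(null, Buffer.concat([start.ecdh, aPub]), pub(start.ltpk), sigFromController)
    ? 'verified' : 'rejected: bad controller signature';
}
```

Because each side signs the pair of ephemeral keys with its long-term key, a device whose LTPK was never stored at pairing is turned away at the lookup, before any signature is produced for it.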

The various operations shown in FIGS. 4-11 can be performed by hardware, software, or a combination of hardware and software. Certain aspects of the disclosed embodiments may be provided as a computer program product, or software, that may include a computer-readable storage medium or a non-transitory machine-readable storage medium that stores instructions that may be used to program a processor (or other computing or processing device) to perform a process.

Additionally, although embodiments have been described in conjunction with a smartphone and a laptop, other embodiments are not limited to these electronic devices. Any suitable electronic device can be the first electronic device and the second electronic device. As one example, the first electronic device may be a smartphone and the second electronic device a wearable computing device, such as a smart watch or a health assistant. Biometric data can be used to pair the smartphone and the wearable computing device. Additionally or alternatively, biometric data may be received to permit the smartphone to unlock the wearable computing device. Additionally or alternatively, biometric data may be used to allow the smartphone (e.g., the user of the smartphone) to access applications, data, and/or functions on the wearable computing device. In another example, the first electronic device may be a tablet computing device and the second electronic device a smartphone. In yet another example, the first electronic device may be a digital music player and the second electronic device a tablet computing device.

The foregoing description, for purposes of explanation, used specific nomenclature to provide a thorough understanding of the described embodiments. However, it will be apparent to one skilled in the art that the specific details are not required in order to practice the described embodiments. Thus, the foregoing descriptions of the specific embodiments described herein are presented for purposes of illustration and description. They are not intended to be exhaustive or to limit the embodiments to the precise forms disclosed. It will be apparent to one of ordinary skill in the art that many modifications and variations are possible in view of the above teachings.

What is claimed is:
 1. An electronic device, comprising: a first biometric sensor; a processing device operably connected to the first biometric sensor, the processing device configured to receive biometric data from the first biometric sensor and determine if the biometric data matches a biometric template; and at least one transmitter device operably connected to the processing device, the at least one transmitter device operative to pair the electronic device to a second electronic device across a network and to transmit an authorization message to the second electronic device based on a match between the biometric data and the biometric template, wherein the authorization message permits the electronic device to automatically access the second electronic device.
 2. The electronic device of claim 1, wherein the at least one transmitter device comprises: a first transmitter device operative to pair the electronic device to the second electronic device; and a low power transmitter device operative to transmit the authorization message to the second electronic device to permit the electronic device to automatically access the second electronic device.
 3. The electronic device of claim 2, wherein the first transmitter device is operative to receive a key from the second electronic device when pairing to the second electronic device.
 4. The electronic device of claim 1, wherein the first biometric sensor comprises a fingerprint sensor and the biometric data comprises fingerprint data.
 5. The electronic device of claim 1, wherein the second electronic device permits automatic access to the second electronic device only while the electronic device is within a communication range of the second electronic device.
 6. The electronic device of claim 1, wherein the second electronic device permits automatic access only while the electronic device is paired with the second electronic device.
 7. The electronic device of claim 1, wherein the processing device receives additional biometric data from the first biometric sensor to provide access to information on the second electronic device.
 8. The electronic device of claim 1, further comprising a second biometric sensor.
 9. The electronic device of claim 8, wherein biometric data received from the second biometric sensor provides access to information on the second electronic device.
 10. A method for a controller device to pair with an accessory device, comprising: receiving, by the controller device, biometric data associated with a user of the controller device; establishing a secure connection between the controller device and the accessory device; generating, by the controller device, an asymmetric key pair based on the biometric data to produce a first public key; transmitting, by the controller device, the first public key to the accessory device; and receiving, by the controller device, a second public key associated with the accessory device.
 11. The method of claim 10, further comprising prior to generating, by the controller device, the asymmetric key pair based on the biometric data, verifying the biometric data associated with the user matches a biometric template associated with the user.
 12. The method of claim 10, wherein receiving, by the controller device, biometric data associated with a user of the controller device comprises receiving, by the controller device, biometric data associated with the user of the controller device from a biometric sensor associated with the controller device.
 13. The method of claim 12, wherein the biometric data comprises fingerprint data and the biometric sensor comprises a fingerprint sensor.
 14. The method of claim 10, further comprising prior to establishing the secure connection between the controller device and the accessory device, discovering, by the controller device, the accessory device by scanning for peripherals supporting the pairing function.
 15. The method of claim 14, wherein the controller device discovers the accessory device using a low power transmitter device.
 16. The method of claim 10, wherein establishing the secure connection comprises: sending, by the controller device, a start request to the accessory device; receiving, by the controller device, a response to the start request transmitted by the accessory device; receiving, by the controller device, a personal identification number associated with the accessory device based on the response to the start request; transmitting, by the controller device, a secure remote password verify request that includes a proof of the personal identification number; receiving, by the controller device, a secure remote password response transmitted by the accessory device, wherein the secure remote password response verifies the proof of the personal identification number; and verifying, by the controller device, the proof of the personal identification number.
 17. A method for a controller device to access information on an accessory device paired with the controller device, the method comprising: receiving, by a controller device, first biometric data; generating, by the controller device, an authorization message based on a match between the first biometric data and a first biometric template; communicating the authorization message from the controller device to the accessory electronic device; unlocking the accessory device based on the authorization message; and accessing, by the controller device, the information on the accessory device based on the authorization message.
 18. The method of claim 17, further comprising: prior to generating the authorization message, receiving by the controller device second biometric data; and generating, by the controller device, the authorization message based on the match between the first biometric data and the first biometric template and a match between the second biometric data and a second biometric template.
 19. The method of claim 18, wherein the first and second biometric data each comprise fingerprint data.
 20. The method of claim 18, wherein the first biometric data comprises fingerprint data and the second biometric data comprises non-fingerprint biometric data.
 21. The method of claim 17, wherein communicating the authorization message from the controller device to the accessory electronic device comprises communicating the authorization message from the controller device to the accessory electronic device using a low power transmitter device.
 22. The method of claim 17, wherein the authorization message is transmitted from the controller device to the accessory device only when the accessory device is located within a communication range of the controller device.
 23. The method of claim 17, further comprising continuing to permit the controller device to access the accessory device only while the controller device is paired with the accessory device.